Users
SSO
3 min
why sso is importantβ single sign on (sso) is a crucial technology for organizations that prioritize security, efficiency, and user experience sso allows users to access multiple applications with a single set of login credentials, eliminating the need to remember different passwords for each service the application supports user creation and sso can be set up together live with our engineers from a security standpoint, sso simplifies user management π§βπ§βπ§βπ§ and enhances compliance it administrators can enforce strong authentication policies, monitor access to sensitive information, and quickly revoke access to all connected applications if a security breach occurs additionally, sso reduces the likelihood of phishing attacks, as users are less likely to enter their credentials into malicious sites general summary of saml sso with jit user provisioning saml ( security assertion markup language ) sso ( single sign on ) is a protocol that allows secure exchange of authentication and authorization data between an identity provider (idp) and a service provider (sp) by using saml sso, users can authenticate once and gain access to multiple applications without needing to log in again when combined with just in time ( jit ) user provisioning, sso becomes even more powerful jit provisioning allows user accounts to be created automatically upon first login, based on attributes sent by the sso provider this ensures that users are assigned to the appropriate workspaces and roles instantly, without requiring manual intervention from it administrators the setup process involves configuring specific fields provided by your sso provider, ensuring that the correct user attributes are mapped for seamless account creation and access assignment π with saml sso and jit provisioning, organizations can achieve a secure , efficient , and user friendly authentication process that scales with their needs workspace level sso workspace level sso allows organizations to enable single sign on specifically for individual workspaces instead of enforcing authentication across the entire user portal this provides flexibility when different teams, departments, or client accounts need to manage their own identity provider (idp) configurations independently with workspace level sso, each workspace can configure its own saml idp , including metadata urls, certificates, and attribute mappings enable or disable sso based on organizational requirements use jit user provisioning to automatically create users only within that specific workspace assign roles and permissions based on attributes received from the idp control access at a granular level , ensuring users can only view and interact with data inside the assigned workspace this is especially useful for organizations working with multiple external clients or business units, where each entity may use a different authentication system (e g , okta, azure ad, onelogin) once workspace level sso is enabled users accessing that workspace will be redirected to the workspace specific identity provider for authentication if jit provisioning is enabled, the system will automatically create the user inside the workspace upon successful login roles, groups, or workspace access are assigned instantly based on the mapped attributes sent from the idp